IBM claims it has improved the security of its z/OS mainframe operating system.

The improvements make it easier for IT professionals to set security policies across multiple instances of z/OS, the company said on Friday. Administrators can now set network encryption rules and intrusion detection centrally for all z/OS-based mainframes.

IBM is also encouraging businesses to host Public Key Infrastructure (PKI) encryption certificates on mainframes, as opposed to outsourcing them. The company says it has improved PKI services on z/OS and that customers could save one-third on costs by hosting PKI certificates internally.

PKI encryption can be used for a range of functions, including securing a WPA-based wireless LAN or securing the end nodes of a VPN.

IBM has also used its acquisition of auditing company Consul earlier this year to extend its Tivoli zSecure software portfolio.

Tivoli zSecure Manager for RACF z/VM, which was released on Friday, automates security administration and audit processes in virtual mainframe environments.